Participate in a 24/7 on-call rotation providing coverage for active security incidents, investigations, and security events across our global infrastructure.
Lead investigation and remediation of security incidents, coordinating cross-functional response efforts to minimize impact and recovery time.
Play a major role in bootstrapping an end to end D&R alert and investigation pipeline.
Triage and investigate security alerts from detection tools including Wiz Defend, Crowdstrike, to identify genuine threats and reduce false positives.
Develop and maintain detection rules, runbooks, and response procedures mapped to the company's threat model.
Automate alert triage workflows and improve mean time to detection and response through tooling and process enhancements.
Conduct security event analysis to identify policy violations, misconfigurations, and potential attack vectors before they become incidents.

Requirements

8+ years of professional experience in security-related domains, including at least 4 years in security operations, incident response, threat hunting, or threat detection roles.
Demonstrated experience working within security detection and response programs in cloud-native environments.
Hands-on experience with security tooling (SIEM, SOAR, EDR, and CSPM tools) with a focus on detection engineering and alert tuning.
Experience working in Kubernetes-based production environments with extensive SaaS platform integration.
Working knowledge of attacker TTPs and frameworks such as MITRE ATT&CK.
Relevant certifications such as GCIH, GCIA, GCFA, or equivalent are a plus.

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security operationsincident responsethreat huntingthreat detectiondetection engineeringalert tuningcloud-native environmentsKubernetesSIEMSOAR

Soft Skills

leadershipcommunicationcross-functional coordinationproblem-solvinganalytical thinking

Certifications

GCIHGCIAGCFA